db = require('./../libs/db')

module.exports = {
#设置用户信息，根据请求头中的x-token字段找到过期时间大于当前日期的user
  setUserInfo: (req, res, next)->
    token = req.headers['x-token']
    db.users.findOne({token: token, expiredTime: {$gt: Date.now()}}, (err, user)->
      req.userInfo = user if not err
      next()
    )
#验证用户信息，检查符合条件的user
  validateUserInfo: (req, res, next)->
    if not req.userInfo
      res.status(401)
      return res.send('未授权')
    next()
}